<?php
require("./init.php");
// check if user is logged in
if (!isset($_SESSION["userid"]))
{
    $template->assign("loginerror", 0);
    $template->display("login.tpl");
    die();
}
// check if user is admin
if (!$userpermissions["admin"]["add"])
{
    $errtxt = $langfile["nopermission"];
    $noperm = $langfile["accessdenied"];
    $template->assign("errortext", "$errtxt<br>$noperm");
    $template->display("error.tpl");
    die();
}

$action = getArrayVal($_GET, "action");
$id = getArrayVal($_GET, "id");

// get role details from form
$rolename = getParam("rolename");
$projectperms = getParam("permissions_projects");
$mileperms = getParam("permissions_milestones");
$taskperms = getParam("permissions_tasks");
$messageperms = getParam("permissions_messages");
$fileperms = getParam("permissions_files");
$trackerperms = getParam("permissions_timetracker");
$chatperms = getParam("permissions_chat");
$adminperms = getParam("permissions_admin");
$companiesperms = getParam("permissions_companies");
$reportsperms = getParam("permissions_reports");
$usersperms = getParam("permissions_users");

// create new roles object
$roleobj = (object) new roles();
// add a role
if ($action == "addrole")
{
    $projectperms = $roleobj->sanitizeArray($projectperms);
    $mileperms = $roleobj->sanitizeArray($mileperms);
    $taskperms = $roleobj->sanitizeArray($taskperms);
    $messageperms = $roleobj->sanitizeArray($messageperms);
    $fileperms = $roleobj->sanitizeArray($fileperms);
    $trackerperms = $roleobj->sanitizeArray($trackerperms);
    $chatperms = $roleobj->sanitizeArray($chatperms);
    $adminperms = $roleobj->sanitizeArray($adminperms);
    $companiesperms = $roleobj->sanitizeArray($companiesperms);
    $reportsperms = $roleobj->sanitizeArray($reportsperms);
    $usersperms = $roleobj->sanitizeArray($usersperms);

    if ($roleobj->add($rolename, $projectperms, $taskperms, $mileperms, $messageperms, $fileperms, $trackerperms, $chatperms, $adminperms, $companiesperms, $reportsperms, $usersperms))
    {
        $loc = $url . "admin.php?action=users&mode=roleadded";
        header("Location: $loc");
    }
}
// delete a role
elseif ($action == "delrole")
{
    if ($roleobj->del($id))
    {
        echo "ok";
    }
}
// edit a role
elseif ($action == "editrole") {
    
    $projectperms = $roleobj->sanitizeArray($projectperms);
    $mileperms = $roleobj->sanitizeArray($mileperms);
    $taskperms = $roleobj->sanitizeArray($taskperms);
    $messageperms = $roleobj->sanitizeArray($messageperms);
    $fileperms = $roleobj->sanitizeArray($fileperms);
    $trackerperms = $roleobj->sanitizeArray($trackerperms);
    $chatperms = $roleobj->sanitizeArray($chatperms);
    $adminperms = $roleobj->sanitizeArray($adminperms);
    $companiesperms = $roleobj->sanitizeArray($companiesperms);
    $reportsperms = $roleobj->sanitizeArray($reportsperms);
    $usersperms = $roleobj->sanitizeArray($usersperms);
    
    if ($roleobj->edit($id, $rolename, $projectperms, $taskperms, $mileperms, $messageperms, $fileperms, $trackerperms, $chatperms, $adminperms, $companiesperms, $reportsperms, $usersperms))
    {
        $loc = $url . "admin.php?action=users&mode=roleedited";
        header("Location: $loc");
    }
}

?>